Changes

Privacy and Security Policies

3,886 bytes added, 13 May
m
Configuration
=Configuration=
 
In this section, we will outline how to set up a new policy, how to manage policy enforcement and revisions, how to attach policies to various collection points, and how to view acceptance. You must be a Global Administrator to configure policies.
 
 
<u>'''Note:'''</u> There is currently no mechanism to migrate existing policies into the new format. If you wish to keep using an existing policy, you'll need to recreate it using the new policy builder. Old policy acceptance data will still be retained.
 
 
==Setting Up a Global Policy==
===Creating a New Policy===
To establish a global privacy and security policy that all system users must accept, follow the steps below:
 
 
# Go to Global Settings > Security tab > Privacy and Security Policies > Click the “New Policies” button (plus sign).
# Under the Name field, give your policy a descriptive name such as “Privacy and Security Policy”. This name will be displayed to the end user.
# (Optional) If you have an existing policy number in a third-party system, you can enter the same policy ID under Custom ID for reference purposes.
# For Effective Date, schedule a date in the past to immediately activate this policy and force users to accept this policy at all collection points which we will set at a later stage. If you select a date in the future, policies will be automatically moved from “Draft” to “Active” status on that future date. An Effective Date is required to enforce an active policy.
# (Optional) If you need users to periodically re-accept this policy after a set interval of time on login only, specify a period under Enforcement Interval. By default, the interval is set to “None”.
# (Optional) For Expiry Date, schedule a date for the current version of this policy to expire. After this date, the status of this policy will change from “Active” to “Expired” and the policy will no longer be enforced.
# Under User Policy Options, choose the compliance option that will be presented to the user. In this example, we will choose the second option (“Users must accept the policy to proceed”) since we want all users to have a choice to accept the policy, however, we will not allow them to use the system unless they consent to the terms of our policies.
# (Optional) Toggle on Enforce Scrolling if you want to force the user to scroll to the bottom of the policy before seeing the options to acknowledge, accept, and/or decline. Otherwise, the acceptance options will be immediately visible to the user and they will not be forced to read it.
# Click Save.
 
 
 
===Creating Policy Sections===
Now that we have created a policy, we need to add the content of the policy using the new policy builder.
 
 
# In the left-hand navigation, select “Policy Builder”. A policy can be built section by section, with each section getting its own independent permissions. This allows you to set up a single policy that can show different sections to different user roles if needed.
# To create a new section, click the “New Policy Section” button which looks like a plus sign.
# Provide a relevant title for the section under Section Header.
# Under Content, add the content for the first section of your policy. Then click Save.
# Repeat steps 2 to 4 adding additional sections and content as needed.
# (Optional) If a certain policy section should only be displayed to specific users and/or countries, navigate to the Permissions tab to define this in more detail.
 
 
===Adding Permissions to a Policy===
While each policy section can have its own permissions, you can also add permissions to the policy as a whole. To do this, navigate to Global Settings > Security tab > Privacy and Security Policies > Edit the desired policy > Permissions tab.
 
<u>'''Note:'''</u> A policy must not contain any role-based or country-based permissions in order to be visible to users not logged into the system.
 
 
===Attaching Policies to a Login Page===
==Attaching Policies to Other Collection Points==
Smartstaff
2,359
edits